Hi people,
I'm no linux newbie and no newbie to elastix. But it is my very first time with SecAst. It seems to me I've done something wrong while setting up the whole thing and I get only an empty page when I get on my browser and write 192.168.xxx.xxx/secast.
Could it be because I work with elastix and httpd is so configured that it automatically redirects http to https? Or is it a misconfiguration while setting SecAst up? I followed the Detailed Installation Guide. Have checked it already twice, and it seems I followed all steps without leaving one out...

You didn't post quite enough detail to give a definite answer, but I'll offer some suggestions:

You didn't mentioned which option you chose for installing the web interface, so I'll assume option 1 (create a directory alias). Check the file /etc/httpd/conf.d/secast.conf and ensure the directory matches where you have installed SecAst web files.

You didn't post any log files, but since you are running Elastix which is based on CentOS, your Apache error log file is most likely located in /var/log/httpd/error_log. Check the log file for errors (or post the relevant section so we can offer some suggestions).

Somehow it keeps wanting to search for settings.php in /var/www/html but it is in /var/www/html/secast.
I've taken a look to index.php I could get most those ifs leaving only if (file_exists('/var/www/html/secast/settings.php')) $SOURCE_ROOT='/var/www/html/secast/ but I'm not quite sure it will solve the problem.

I have been reading, and it seems with the free edition I can do very little, but banning ips is something I could, if I had a file or a database where such IPs are kept. I have whether a database nor a file... SO how do I proceed?

It sounds like your document root (set by PHP) is not pointing to the right place - but that's ok. (We'll try to recreate your problem on a future release so we can properly detect and override the document root for your distro.) A simple workaround is to create a symlink for settings.php to the correct document; for example:

The GUI is useful for analysis of historical data, sources of attack, graphs, etc. but is not necessary for the operation of SecAst. Most of the reporting in the GUI is based on the MySQL database feature (which is not included in the free edition).

However, SecAst will still detect and block attackers in the Free Edition. All attack data is kept in an internal database (not MySQL) so it operates with all editions of SecAst.